More Trouble for SafeMoon
There’s been another incident with the SafeMoon project, which announced that its SFM/BNB Liquidity Pool had been “compromised.” On-chain data indicates the amount drained approached $9 million.
To the @SAFEMOON community: We want to inform you that our LP has been compromised.
— SafeMoon (@safemoon) March 28, 2023
We are taking swift action in an attempt to resolve the issue as soon as possible. Follow here for updates.
Thank you for your support as we work to address this situation.
SafeMoon CEO John Karony tweeted that only the SFM/BNB LP was affected, and the project’s exchange platform is “safe” along with the wallet.
To our valued community,
— John Karony (@CptHodl) March 29, 2023
As you may be aware, on Tuesday 28 March, SafeMoon’s Liquidity Pool was compromised. We have taken swift action to resolve the situation and protect our community. I want to make clear that our DEX is safe. This ultimately affected the SFM:BNB LP pool.…
This isn’t the first time SafeMoon has been in the negative spotlight. In April 2022, YouTuber Coffeezilla published two videos looking into the project’s troubles, some of which predated Karony’s tenure.
In regard to the current incident, blockchain security firm PeckShield tweeted that the code that was exploited – a “public burn bug” – was introduced by the official SafeMoon deployer.
Hi @safemoon The upgrade, with the exploited public burn bug, was initiated by the official SafeMoon: Deployer. (Admin key leak?) And here comes the upgrade tx. https://t.co/ffAhm9qhgG https://t.co/KYEiYxMRII pic.twitter.com/9CQhseircP
— PeckShield Inc. (@peckshield) March 28, 2023
“The upgrade, with the exploited public burn bug, was initiated by the official SafeMoon: Deployer. (Admin key leak?),” PeckShield said.
Data from BscScan indicates that the exploiter’s wallet transferred the funds to a second wallet, which sent a message to the SafeMoon deployer, saying “Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talk”.
#PeckShieldAlert Safemoon exploiter: Hey relax, we are accidently frontrun an attack against you, we would like to return the fund, setup secure communication channel , lets talkhttps://t.co/ylHpIiFmrl
— PeckShieldAlert (@PeckShieldAlert) March 29, 2023
And the exploiter has transferred 4k $BNB to 0x237d5https://t.co/45wnrxzixa pic.twitter.com/BMxHOBvbjF
Upon news breaking about the incident, the SFM token’s value dropped by about 30%, according to CoinGecko, though it has since regained some of that loss.